Cloudmersive Private Cloud Best Practices for IBM Cloud

Overview

Cloudmersive Private Cloud natively supports IBM Cloud. Follow these best practices to facillitate a great installation experience.

General Approach

In general, follow the instructions in the Cloudmersive management portal under Private Cloud Deployment. Extend those instructions with these best practices.

Choosing the Right IBM Virtual Server Configuration

When creating your Virtual Server instance, we recommend a M1.2x16 or higher/equivalent. Be sure that your Virtual Server instance has at least 16 GB of RAM. When choosing Virtual Machine Image, be sure to choose Windows Server 2016 (do NOT choose Server Core or Windows Server 2019). You must also configure a 200 GB [SAN] data disk; we recommend using an SSD data disk. For OS disk type, SSD is recommended but not required. Under Public Security Group we recommend allow_outbound and allow_http or allow_https. For the installation, connect to the instance over Remote Desktop (RDP). Ensure that the instance has outbound connectivity as described in the instructions. We require assigning all IP addresses as static. Note that in IBM Cloud if you do not set your IP addresses to static, your IP addresses will rotate on restart, breaking your installation.

Be sure to NOT apply any IBM security groups. Acquire the password for Windows Server (click on Passwords on the left-hand side of the Virtual Machine screen to review the password) and connect to the VM. Once you connect to the VM, you will need to enable outbound network connectivity (the ability for the server to connect out - this can be disabled later after the installation).

You must also disable the outbound HTTP proxy server that is enabled by default in IBM Cloud. To do this, execute this command in PowerShell Administrator prompt:

set-itemproperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings' -name ProxyEnable -value 0

You will need to restart the server. To ensure that the outbound proxy has been disabled we recommend opening a support ticket with IBM Cloud or via chat requesting confirmation that all outbound traffic can proceed unrestricted and that the proxy has been disabled.

Note: There is a bug affecting Windows Server in IBM Cloud where the Private Network adapter is switched erroneously from Static to DHCP. You must switch this back to static. This is an IBM Cloud issue - if it occurs you may need to contact IBM Support.

Before Installation (Required)

After provisioning your Virtual Machine instances but prior to running the installation, navigate to each node in your Cloudmersive Private Cloud installation in the management portal under Private Cloud Deployment and click on Configure Node. Under External Node Address, copy and paste the Public IP address from the Virtual Server screen in the IBM Cloud Portal. Under Internal Node Address, copy and paste the Private IP address from the Virtual Server screen in the IBM Cloud Portal. If you are using an outbound proxy, check the box for Enable Proxy Server for Outbound Traffic and specify the proxy server. Click Save Changes.

We also recommend disabling automatic Windows Update restarts in Windows Server 2016.

If you attached an additional storage drive in IBM Cloud you will need to add it as a drive in Windows by going to Administrator Tools > Computer Management > Disk Management and completing the prompt. Then create a New Volume and assign it a new drive letter, such as E.

Outbound Proxy Endpoint Whitelisting

If your company limits outbound network traffic based on a proxy server or requires outbound IP endpoint whitelisting, whitelist all of these endpoints prior to starting the installation:

  • https://cloudmersive.com
  • https://account.cloudmersive.com
  • https://servicecore.cloudmersive.com
  • https://virusdefinitions.cloudmersive.com
  • https://privatecloud.cloudmersive.com
  • https://927861292015.dkr.ecr.us-east-1.amazonaws.com
  • https://ecr.us-east-1.amazonaws.com
  • https://api.ecr.us-east-1.amazonaws.com
  • https://download.microsoft.com
  • https://onegetcdn.azureedge.net
  • https://go.microsoft.com
  • https://appsapi.cloudmersive.com
  • https://mcr.microsoft.com
  • https://eastus.data.mcr.microsoft.com
  • https://prod-us-east-1-starport-layer-bucket.s3.us-east-1.amazonaws.com

In addition, navigate to the server in Cloudmersive Management Center under Private Cloud, click on Configure Node, and check "Enable Proxy Server for Outbound Installation Traffic", provide the proxy server (e.g. https://myproxy.mydomain.com:8080) and click on Save Changes.


During Installation - IBM Cloud Specific

After completing the Install Prerequisites step, you must undertake an additional step for IBM Cloud before you can proceed to the second Install Cloudmersive step.

You must run the following command from the Cloudmersive Private Cloud installer directory in Administrator PowerShell:

./ChangeStorageDrive.ps1

When prompted, enter the additional storage drive you attached, such as E. This will change the drive that Cloudmersive Private Cloud primary files are stored on to E. Since Cloudmersive Private Cloud can use up to 200 GB of disk space this is necessary on IBM Cloud which has a disk size limit of 100 GB for the OS Disk.

We are now ready to run the pre-installation readiness check. From the Cloudmersive Private Cloud installation folder run the following command from Administrator PowerShell:

./ReadinessCheck.ps1

After Installation

If you are installing Cloudmersive Private Cloud in high availability mode, you will want to configure an IBM Cloud Load Balancer to balance traffic across the nodes. Create a load balancer under Load Balancers in the IBM Cloud Portal and set the endpoints to the HTTP 80 (or HTTPS 443 if you configured it) port on each of the nodes that you installed. Use the public endpoint of the load balancer as the BasePath for all of the API clients.